← Volver a CVEs
CVE-2024-36523
MEDIUM6.5
Descripcion
An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts.
Detalles CVE
Puntuacion CVSS v3.16.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado6/12/2024
Ultima modificacion6/13/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
wvp-pro:gb28181
Debilidades (CWE)
CWE-613
Referencias
https://github.com/648540858/wvp-GB28181-pro/issues/1456(cve@mitre.org)
https://github.com/648540858/wvp-GB28181-pro/issues/1456(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.